Re: [Asrg] RMX breaks mailing lists


On Thursday, March 6, 2003, at 10:34 AM, Liudvikas Bukys wrote:

I looked back over the archives at the whole RMX discussion,
and looked at the Designated Senders draft as well, and it
appears that nobody has mentioned the problem that it
EITHER:
        - breaks legitimate forwarding such as mailing lists
OR
        - can be trivially worked around by forging Received headers

(After all, I didn't receive Hadmut Danisch's note from his server,
I received it from my internal relay, which received it from
an ietf.org server.)

So in the DS model, you would configure your internal relay to do theDS test, which had a sender of <asrg-admin(_at_)ietf(_dot_)org>, and ask IETF "is132.151.1.19 authorized to send mail for ietf.org?", get an assuranceof trust, and move on.

You could then set up your final-MX to say "trust all mail from myinternal relay, because it's already done those checks itself".

The received headers never come into play. It's strictly concernedsender-domain (from the envelope) and connecting IP.


D

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [Asrg] Whoops -- list volume is way too high, some principles, Chris Lewis

Next by Date:

[Asrg] RE: Asrg digest, Vol 1 #32 - 9 msgs, Kee Hinckley

Previous by Thread:

Re: [Asrg] RMX breaks mailing lists (not necessarily), David F. Skoll

Next by Thread:

Re: [Asrg] RMX breaks mailing lists, Liudvikas Bukys

Indexes:

[Date] [Thread] [Top] [All Lists]